We have a requirement from the client to restrict budget execution in Funds management.
Business case: A user from a particular organization/agency should be able to transfer funds within his organization and should be restricted from using other agency funds.
We are planning to use authorization groups while defining the FM master data (funds, fund centers, funded programs). Later, we use these authorization groups while creating derived roles (organization/agency specific). So when the user performs activity in FMBB, he will get an authorization error if he tries to use funds that he is not authorized for.
As there could be 1000s of fund centers, maintaining them using authorization groups could be cumbersome.
I would like to know if any of you have implemented security in FM using fund center groups/ hierachy structure instead of using authorization groups.
Appreciate your suggestions and inputs ..